Cyber & Information Security
Our experts are on hand to design innovative protection strategies to the latest standards that secure you against threats and real-world attacks.

Experience Cyber & Information Security with e2 Security!

NIST (National Institute of Standards and Technology) defines cybersecurity as “the ability to protect or defend the use of cyberspace from cyberattack.”

In general, cybersecurity addresses attacks from inside or outside an organization: it is the framework for protecting and securing anything that is vulnerable to hacking, attack or unauthorized access, such as computers, cell phones, networks and servers.

Cybersecurity refers exclusively to the protection of data that is in digital form. So that means that when we talk about cybersecurity, we are automatically talking about digital information, systems and networks.

Information security primarily refers to protecting the confidentiality, integrity and availability of data – the form doesn’t matter here. Information security could, in purely theoretical terms, be about protecting a filing cabinet containing important, highly sensitive documents, as well as protecting your company’s database.

NIST defines information security as protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction to ensure the following:

Confidentiality

Data may be viewed or disclosed only by those authorized to do so.

Integrity

Data must not be alterable without the change being detected or noticed. This therefore involves detecting changes to data.

Availability

Availability refers to the time during which the system is functioning. In terms of the protection goals, the aim here is, of course, to keep availability as high as possible.

Live Hacking

Experience cyber security up close in our live hacking show!

As part of our Security Awareness portfolio, we offer you an up-close look at how a cybercriminal plans and executes sophisticated attacks live. Additionally, as part of our show, you will experience how the victim reacts to the attacks and may even unknowingly assist in their execution:

You accompany our fictitious CEO through his daily work routine, in which he falls into traps carefully prepared by the attacker and thus, piece by piece, brings his company into serious trouble. The attacks shown are always based on current trends in cyberattacks and are realistically prepared. Current examples include phishing emails, tampered hardware and malicious USB devices, and the infection and consequences of a ransomware attack. Sufficient time is also given to questions from the audience, as the aim is specifically to promote an understanding of the threats.

After consultation, the attacks to be demonstrated can also be adapted to your wishes and ideas. For example, you might want to focus on mobile security so that you or the audience gain a better understanding of its threat potential.

We can offer you the best possible experience if our show takes place in person. However, we are also happy to offer it as an online event. The show is designed to last 90 minutes (including audience questions) and can be shortened or extended as needed. Please feel free to contact us here as well if needed.

When might our live hacking show be of interest to you?

The show’s primary purpose is to build and sharpen the audience’s understanding of current threats from cyberspace. In general, the show can be performed at trade fairs and conferences as well as privately, for example as part of a training course for employees. The composition of the audience is not specified: from the board of directors to employees, from IT staff to service personnel, our show can be specifically adapted, but in its current form it is thematically accessible to everyone. Feel free to contact us here.

Our approach for your individual live hacking show is divided into 2 steps:

Planning and preparation: If you are interested in our show, we clarify open questions in a first meeting and, if necessary, already discuss the general conditions: place, time, the context in which the show is to be performed (e.g. trade fair, employee training, etc.), equipment to be provided if the show is performed on site and, if necessary, adapting the demonstrated attacks and the duration to your preferences.

Performance of the show: If subsequently commissioned, the show can be carried out as planned. For our part, it is always performed by 2 speakers. Directly after the event, we are also available for questions and support.

Phishing Campaign

Reliably identifying security vulnerabilities in your systems in order to ultimately close them – all this with prior, targeted coordination and explicit authorization – that is, roughly speaking, a penetration test.

What added value does a penetration test provide?
As described, the primary purpose of a penetration test is to uncover security vulnerabilities. Once these are known, they can be closed and thus contribute to a sustainable increase in the level of security. In the context of a penetration test, our focus is on providing you with answers to the following questions: How did we proceed? How did we identify and exploit vulnerabilities? What impact does a vulnerability have on your business? What specific actions do we recommend now? Please rest assured: our work starts where vulnerability scanners leave off. We identify even complex vulnerabilities and combine them where possible. Our approach is shaped by experience and mirrors that of a genuine attacker.

What types of systems do we test?
Typically, these include:

  • Networks and their infrastructure
  • Web applications and application programming interfaces (APIs)
  • Mobile applications (Android & iOS) 

When is penetration testing beneficial?
There are many motivations to have such a test performed: Do you need a one-time inventory of your security state from the perspective of a professional attacker? Is your company about to be audited? Do you sell a software product to your customers and are you about to release a new version or roll out new functionality? Are you migrating existing IT to the cloud?

Learn more about what makes a penetration test with e2 Security different by contacting us.

Penetration Test

What is a penetration test?

Identifying even hard-to-find vulnerabilities in your systems using common hacking methods and tools in a targeted and safe manner – all this with prior, targeted coordination and explicit authorization – that is, roughly speaking, a penetration test. In contrast to a vulnerability scan, the vulnerabilities identified here are also exploited where possible and, if necessary, combined with each other to obtain a realistic picture of the actual impact. Depending on the size of the target to be tested, the execution can last from a few days to several weeks. We perform penetration tests against the following targets:

  • Web applications:
    • from websites and web shops to APIs and microservices
    • Our testing methodology is based on the Web Security Testing Guide released by OWASP
  • Network / Infrastructure:
    • from a few public IP addresses to whole internal network segments
    • Our testing methodology is based on the Penetration Testing Execution Standard (PTES)
  • Mobile applications:
    • for both Android and iOS apps
    • Our testing methodology is based on the Mobile Security Testing Guide released by OWASP

If desired, we can also combine the penetration test on your application with a code review. This procedure is usually more time-consuming than an ordinary penetration test but offers the advantage of being able to reliably detect even hard-to-identify vulnerabilities by accessing the code.

Why and when is penetration testing beneficial?

The motives for performing a penetration test may vary. Some, but not all, of them are:

  • Depending on your industry there may be a requirement or clear recommendation to conduct penetration testing
  • Do you sell a software product that you want to have checked in terms of security?
  • Are you about to release a new version to your product or introducing a new functionality?
  • Would you like to learn more about your current attack surface, from an attacker’s perspective? This may also apply to you if, for example, you have recently been the victim of a cyberattack and want to evaluate the effectiveness of countermeasures that have been put in place
  • Have parts of the enterprise IT changed recently? (E.g. migrations to cloud, adding new infrastructure, new web presence etc.)
  • Is your company about to be audited and you need to provide evidence of having conducted thorough security testing?

Considering that new vulnerabilities are identified and published every day, you should be aware that a penetration test can only serve as a temporary snapshot of the security level. Although it is better to have a single snapshot than none at all, we strongly recommend performing penetration testing at regular intervals (e.g. once per application/network a year) to effectively increase your security level in the long run.

Our approach to a penetration test is divided into 4 phases:

Preparation: In a first meeting we clarify the goals and the general conditions of the penetration test with you. After the meeting, you know exactly which information and accesses we need for a successful test execution, and we have agreed on a schedule for the further phases.

Test execution: as soon as all necessary information and accesses are available, the test execution starts. Here we specifically look for vulnerabilities in the agreed scope. If vulnerabilities are identified that are rated “high” or “critical” in terms of their severity, we contact you immediately.

Reporting: for us, the documentation of vulnerabilities and the step-by-step creation of the report run parallel to the test execution. This report combines information on our approach, detailed information on the vulnerabilities found and provides a general overview in our executive dashboard. The latter helps you understand the actual impact of individual vulnerabilities on your business and thus prioritize them. Once the report is finished, you can download it via a secure connection. This phase ends with a final presentation where we create an open space for discussion on identified vulnerabilities, their proposed fixes and feedback regarding your experience with our approach and results.

Intervention & Aftercare: this phase is designed to provide further support after a penetration test. Among other things, we conduct a re-test to verify whether the vulnerabilities have been closed securely, and you receive an updated report accordingly. We are also available for further discussion of alternative solutions, or for proactively reporting vulnerabilities to third parties on your behalf. This phase ends when every vulnerability is considered either closed or the risk of leaving it unfixed has been accepted.

Vulnerability Scans

What is a vulnerability scan?

Identifying known vulnerabilities in your systems with the objective of subsequently closing them – all this with prior, targeted coordination and explicit authorization – that is, roughly speaking, a vulnerability scan. Typically, such scans are highly automated, and if a vulnerability is identified, the scanner does not exploit it. Depending on the size of the target to be scanned, the execution can take from a few hours to a few days. We perform vulnerability scans against the following targets:

  • Network / Infrastructure:
    • from a few public IP addresses to whole internal network segments
  • Web applications:
    • from websites and web shops to APIs and microservices

Why and when is vulnerability scanning beneficial?

The motives for performing a vulnerability scan may vary. Some, but not all, of them are:

  • Depending on your industry there may be a requirement or clear recommendation to conduct vulnerability scanning
  • Are you looking to increase the security of your company’s infrastructure in the long term?
  • Would you like to gain an overview of how vulnerable your infrastructure or application is?
  • A vulnerability management process is or will be established and needs regular scan results, potentially from different sources?
  • Is your company about to be audited and you need to provide evidence of having conducted (regular) security screening of your systems?

Considering that new vulnerabilities are identified and published every day, you should be aware that a vulnerability scan can only serve as a temporary snapshot of the security level. Although it is better to have a single snapshot than none at all, we strongly recommend performing vulnerability scans at regular intervals (e.g. once a week) to effectively increase your security level in the long run.

Our approach to a vulnerability scan is divided into 3 phases:

Preparation: In a first meeting we clarify the goals and the general conditions of the vulnerability scan with you. After the meeting, you know exactly which information and accesses we need for a successful scan execution, and we have agreed on a schedule for the further phases.

Scan execution: once all necessary information and any required accesses are available, the scan execution starts according to the agreed schedule. If vulnerabilities are identified that are rated “high” or “critical” in terms of their severity, we contact you immediately.

Reporting: once the scan has successfully finished, the report will be created. This report combines information on our scanning activities, detailed information on the vulnerabilities found and provides an overview in our executive dashboard. The latter helps you understand the actual impact of individual vulnerabilities on your business and thus prioritize them. Once the report is finished, you can download it via a secure connection. This phase ends with a final presentation where we create an open space for discussion on identified vulnerabilities, their proposed fixes and feedback regarding your experience with our approach and results.

As we do recommend performing vulnerability scanning in regular intervals, these three phases can act as a cycle: once completed, they can easily be executed again.

Risk I.D.

What is Risk I.D.?

During the Risk I.D. you gain actionable insights into threat modelling, business impact analysis, risk identification and reporting practices that function either as a stand-alone service or that complement the vulnerability assessment. Common controls and comparisons are based on ISO 2700x standards.

Why and when is Risk I.D. beneficial?

  • Legal requirements: No, except specifically for KRITIS
  • Organization-related: We identify unknown risks in typically invisible assets (e.g., tangible vs. intangible), so that your stakeholders get a more transparent view of your risks and potential financial damages
  • Product and customer-related: In the age of the Internet, news spreads quickly and at any time. If a risk is misjudged and damage (financial but also reputational) results because data has been stolen, customers will rethink their business relationship

Our approach to a Risk I.D. is divided into 5 phases:

ISO 27001 is the most important standard for information security management systems in Europe, and we compare your company’s overall activities against this standard.

Threat modelling covers assets, both material (e.g., machines, cars, hardware) and immaterial (e.g., IP, data, software), that could be misused by unauthorized people. Immaterial assets in particular are a big challenge for companies because they are not easy to measure and evaluate; here we can help you.

Business impact analysis means analyzing the identified risks to create KPI objectives for critical systems (e.g., downtimes of servers, systems, websites, shops and production plants) for your business and to minimize the effect of incidents as well as loss of reputation; we are happy to advise you.

Customized reports helpful for creating action plans.

Mitigation / PM

What is Mitigation/PM?

Our expertise in cyber and information security has given us deep knowledge in mitigating vulnerabilities and risks across many projects, so we know how to deal with IT projects, policies and legal standards.

Why and when is Mitigation/PM beneficial?

  • Legal requirements: No
  • Organizational-related: We support you with your IT challenges (e.g., vulnerability management, implementations and project management), take charge of them and lead them to success
  • Product and customer-related: We help you make your product offerings and your customers more secure, and improve your turnaround by leading projects designed around your needs

Our approach to Mitigation/PM is divided into 2 phases:

Policies: well-developed policies are an effective first line of defense. We help you create and tune your policies for better coverage and reach.

Audit readiness: we can support you on your way to an ISO 27001 certification by pointing out issues that would otherwise surface during the official audit.

Consulting

What is Consulting (Business Transformation/Process Automation) for e2 Security?

Thanks to our diverse team of IT, cyber and information security, and business consultants, you get a holistic consulting approach tailored to your requirements.

Why and when is Consulting beneficial?

  • Legal requirements: No
  • Organizational-related: Your company doesn’t just buy management or technical consultants; your company gains a trusted advisor with diverse expertise and character
  • Product and customer-related: Your company gains a new perspective on products and customers, considering modern approaches to business transformation and process automation

Our approach to Consulting is divided into 2 phases:

Business transformation: we design, plan and run security transformation projects to redesign your legacy processes into safe and reliable digitized business methods.

Process automation: you get an assessment of your processes as well as an evaluation of your readiness for a business transformation that deploys more digital tools and techniques.